Kali Linux 2021.3 : Penetration Testing and Ethical Hacking Linux Distribution
Kali Linux 2021.3 is a Penetration Testing and Ethical Hacking Linux Distribution. A summary of the changes since the 2021.2 release from June are: OpenSSL - Wide compatibility by default - Keep reading for what that meansNew Kali-Tools site - Following the footsteps of Kali-Docs, Kali-Tools has had a complete refreshBetter VM support in the Live image session - Copy & paste and drag & drop...
Gokart : A Static Analysis Tool For Securing Go Code
GoKart is a static analysis tool for Go that finds vulnerabilities using the SSA (single static assignment) form of Go source code. It is capable of tracing the source of variables and function arguments to determine whether input sources are safe, which reduces the number of false positives compared to other Go security scanners. For instance, a SQL query...
Vailyn : A Phased, Evasive Path Traversal + LFI Scanning & Exploitation Tool In Python
Vailyn is a multi-phased vulnerability analysis and exploitation tool for path traversal and file inclusion vulnerabilities. It is built to make it as performant as possible, and to offer a wide arsenal of filter evasion techniques. How Does It Work? Vailyn operates in 2 phases. First, it checks if the vulnerability is present. It does so by trying to access /etc/passwd...
Rootend : A *Nix Enumerator And Auto Privilege Escalation Tool
Rootend is a python *nix Enumerator & Auto Privilege Escalation tool. For a full list of our tools, please visit our website https://www.twelvesec.com/ Written by: nickvourd (twitter)maldevel (twitter)servo Usage ._ _ /_ _ | | _ / / _ | | / / // | | / // _ _____ _/ _ _/ | | / /| | / / / /...
BoobSnail : Allows Generating Excel 4.0 XLM Macro
BoobSnail allows generating XLM (Excel 4.0) macro. Its purpose is to support the RedTeam and BlueTeam in XLM macro generation. Features: various infection techniques;various obfuscation techniques;translation of formulas into languages other than English;can be used as a library - you can easily write your own generator. Building and Running Tested on: Python 3.8.7rc1 pip install -r requirements.txtpython boobsnail.py. . ..__ |_ _ |_...
Peirates : Kubernetes Penetration Testing Tool
Peirates, a Kubernetes penetration tool, enables an attacker to escalate privilege and pivot through a Kubernetes cluster. It automates known techniques to steal and collect service accounts, obtain further code execution, and gain control of the cluster. Where Do I Run Peirates? You run Peirates from a container running on Kubernetes. Does Peirates Attack A Kubernetes Cluster? Yes, it absolutely does. Talk to...
targetedKerberoast : Kerberoast With ACL Abuse Capabilities
targetedKerberoast is a Python script that can, like many others (e.g. GetUserSPNs.py), print "kerberoast" hashes for user accounts that have a SPN set. This tool brings the following additional feature: for each user without SPNs, it tries to set one (abuse of a write permission on the servicePrincipalName attribute), print the "kerberoast" hash, and delete the temporary SPN set for that operation....
exFAT: Advantages & Disadvantages of Extensible FAT
exFAT or the Extensible File Allocation Table was introduced in 2006 by Microsoft as a file system optimized for SD cards, USB flash drives and other flash memory. It had the status of a proprietary technology until the technical specification was released in 2019 by Microsoft. Today, it is one of the most commonly used file systems in removable...
Autoharness : A Tool That Automatically Creates Fuzzing Harnesses Based On A Library
AutoHarness is a tool that automatically generates fuzzing harnesses for you. This idea stems from a concurrent problem in fuzzing codebases today: large codebases have thousands of functions and pieces of code that can be embedded fairly deep into the library. It is very hard or sometimes even impossible for smart fuzzers to reach that codepath. Even for large...
On-The-Fly : Tool Which Gives Capabilities To Perform Pentesting Tests In Several Domains (IoT, ICS & IT)
On-The-Fly was written in Python and made extensive use of Scapy and netfilterqueue. It is crucial to have Scapy in Python and net filter queue installed with a compatible version of Python. For this, a version of Python 3 up to Python version 3.7.5 is recommended (and no higher, as there may be incompatibilities with 3.8 and 3.9 in...
